From e03930aea3338a07738b5805551d98f8a34bbe94 Mon Sep 17 00:00:00 2001 From: Anukul Verma <163091262+Verma-Anukul@users.noreply.github.com> Date: Tue, 6 Aug 2024 22:19:37 +0530 Subject: [PATCH 01/11] Adding NTP auth-key reference for NTP server config (#1149) Issue : NTP model has key-list, but there is no way to reference the same from ntp servers. Fix : Added a new leafref in server config container to reference configured key. --- release/models/system/openconfig-system.yang | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/release/models/system/openconfig-system.yang b/release/models/system/openconfig-system.yang index e63b5859c..3352fd221 100644 --- a/release/models/system/openconfig-system.yang +++ b/release/models/system/openconfig-system.yang @@ -47,7 +47,13 @@ module openconfig-system { Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info)."; - oc-ext:openconfig-version "2.0.0"; + oc-ext:openconfig-version "2.1.0"; + + revision "2024-07-15" { + description + "Added auth key reference in ntp server configuration."; + reference "2.1.0"; + } revision "2023-12-20" { description @@ -748,6 +754,14 @@ module openconfig-system { description "Source address to use on outgoing NTP packets"; } + + leaf key-id { + type leafref { + path "../../../../ntp-keys/ntp-key/key-id"; + } + description + "Reference to NTP authentication key for this server."; + } } grouping system-ntp-server-state { From 5f0f4e5ab66f11c34661378599e32bff873ec2dd Mon Sep 17 00:00:00 2001 From: Darren Loher Date: Tue, 6 Aug 2024 09:50:26 -0700 Subject: [PATCH 02/11] Add backup-active to AFT NHG state (#1100) * add backup-active to AFT NHG state --- release/models/aft/openconfig-aft-common.yang | 22 ++++++++++++++++++- .../models/aft/openconfig-aft-ethernet.yang | 8 ++++++- release/models/aft/openconfig-aft-ipv4.yang | 8 ++++++- release/models/aft/openconfig-aft-ipv6.yang | 8 ++++++- release/models/aft/openconfig-aft-mpls.yang | 16 ++++++-------- release/models/aft/openconfig-aft-pf.yang | 8 ++++++- .../aft/openconfig-aft-state-synced.yang | 8 ++++++- release/models/aft/openconfig-aft.yang | 8 ++++++- 8 files changed, 70 insertions(+), 16 deletions(-) diff --git a/release/models/aft/openconfig-aft-common.yang b/release/models/aft/openconfig-aft-common.yang index ac924b67c..c69587e0f 100644 --- a/release/models/aft/openconfig-aft-common.yang +++ b/release/models/aft/openconfig-aft-common.yang @@ -23,7 +23,13 @@ submodule openconfig-aft-common { "Submodule containing definitions of groupings that are re-used across multiple contexts within the AFT model."; - oc-ext:openconfig-version "2.5.0"; + oc-ext:openconfig-version "2.6.0"; + + revision "2024-04-25" { + description + "Add backup-active to AFT NHG state."; + reference "2.6.0"; + } revision "2024-01-26" { description @@ -693,6 +699,20 @@ submodule openconfig-aft-common { entries within the next-hop group become unusable, the backup next-hop group is used if specified."; } + + leaf backup-active { + type boolean; + default false; + description + "Set to true if and only if the device no longer forwards traffic + using the primary NextHops of this NextHopGroup and instead uses + the specified backup-next-hop-group. This leaf should be set to + false if the backup-next-hop-group is either unspecified or unused + by the device."; + } + + + } grouping aft-nhg-nh-state { diff --git a/release/models/aft/openconfig-aft-ethernet.yang b/release/models/aft/openconfig-aft-ethernet.yang index 2845c9383..b2c0758df 100644 --- a/release/models/aft/openconfig-aft-ethernet.yang +++ b/release/models/aft/openconfig-aft-ethernet.yang @@ -20,7 +20,13 @@ submodule openconfig-aft-ethernet { "Submodule containing definitions of groupings for the abstract forwarding tables for Ethernet."; - oc-ext:openconfig-version "2.5.0"; + oc-ext:openconfig-version "2.6.0"; + + revision "2024-04-25" { + description + "Add backup-active to AFT NHG state."; + reference "2.6.0"; + } revision "2024-01-26" { description diff --git a/release/models/aft/openconfig-aft-ipv4.yang b/release/models/aft/openconfig-aft-ipv4.yang index f6152aca8..d582b2ad7 100644 --- a/release/models/aft/openconfig-aft-ipv4.yang +++ b/release/models/aft/openconfig-aft-ipv4.yang @@ -20,7 +20,13 @@ submodule openconfig-aft-ipv4 { "Submodule containing definitions of groupings for the abstract forwarding tables for IPv4."; - oc-ext:openconfig-version "2.5.0"; + oc-ext:openconfig-version "2.6.0"; + + revision "2024-04-25" { + description + "Add backup-active to AFT NHG state."; + reference "2.6.0"; + } revision "2024-01-26" { description diff --git a/release/models/aft/openconfig-aft-ipv6.yang b/release/models/aft/openconfig-aft-ipv6.yang index 1976a7271..c8aede635 100644 --- a/release/models/aft/openconfig-aft-ipv6.yang +++ b/release/models/aft/openconfig-aft-ipv6.yang @@ -20,7 +20,13 @@ submodule openconfig-aft-ipv6 { "Submodule containing definitions of groupings for the abstract forwarding tables for IPv6."; - oc-ext:openconfig-version "2.5.0"; + oc-ext:openconfig-version "2.6.0"; + + revision "2024-04-25" { + description + "Add backup-active to AFT NHG state."; + reference "2.6.0"; + } revision "2024-01-26" { description diff --git a/release/models/aft/openconfig-aft-mpls.yang b/release/models/aft/openconfig-aft-mpls.yang index 77091afa4..2418a5a9e 100644 --- a/release/models/aft/openconfig-aft-mpls.yang +++ b/release/models/aft/openconfig-aft-mpls.yang @@ -21,20 +21,18 @@ submodule openconfig-aft-mpls { "Submodule containing definitions of groupings for the abstract forwarding table for MPLS label forwarding."; - oc-ext:openconfig-version "2.5.0"; + oc-ext:openconfig-version "2.6.0"; - revision "2024-01-26" { + revision "2024-04-25" { description - "Add gre container under next-hops aft entry state. - Add src-ip, dst-ip and ttl under gre aft entry state - for telemetry."; - reference "2.5.0"; + "Add backup-active to AFT NHG state."; + reference "2.6.0"; } - revision "2023-09-26" { + revision "2024-04-25" { description - "Add next-hop-group-name in NHG AFT entry state."; - reference "2.4.0"; + "Add backup-active to AFT NHG state."; + reference "2.5.0"; } revision "2023-04-19" { diff --git a/release/models/aft/openconfig-aft-pf.yang b/release/models/aft/openconfig-aft-pf.yang index fc72ece6e..8f0d5a243 100644 --- a/release/models/aft/openconfig-aft-pf.yang +++ b/release/models/aft/openconfig-aft-pf.yang @@ -28,7 +28,13 @@ submodule openconfig-aft-pf { fields other than the destination address that is used in other forwarding tables."; - oc-ext:openconfig-version "2.5.0"; + oc-ext:openconfig-version "2.6.0"; + + revision "2024-04-25" { + description + "Add backup-active to AFT NHG state."; + reference "2.6.0"; + } revision "2024-01-26" { description diff --git a/release/models/aft/openconfig-aft-state-synced.yang b/release/models/aft/openconfig-aft-state-synced.yang index 166ad7ead..3e0950826 100644 --- a/release/models/aft/openconfig-aft-state-synced.yang +++ b/release/models/aft/openconfig-aft-state-synced.yang @@ -16,7 +16,13 @@ submodule openconfig-aft-state-synced { "Submodule containing definitions of groupings for the state synced signals corresponding to various abstract forwarding tables."; - oc-ext:openconfig-version "2.5.0"; + oc-ext:openconfig-version "2.6.0"; + + revision "2024-04-25" { + description + "Add backup-active to AFT NHG state."; + reference "2.6.0"; + } revision "2024-01-26" { description diff --git a/release/models/aft/openconfig-aft.yang b/release/models/aft/openconfig-aft.yang index 011956948..d1af3e977 100644 --- a/release/models/aft/openconfig-aft.yang +++ b/release/models/aft/openconfig-aft.yang @@ -42,7 +42,13 @@ module openconfig-aft { is referred to as an Abstract Forwarding Table (AFT), rather than the FIB."; - oc-ext:openconfig-version "2.5.0"; + oc-ext:openconfig-version "2.6.0"; + + revision "2024-04-25" { + description + "Add backup-active to AFT NHG state."; + reference "2.6.0"; + } revision "2024-01-26" { description From 94683fe27ad513b88b1d71f9e0430ac8a3fbbdd9 Mon Sep 17 00:00:00 2001 From: Eric Breverman Date: Thu, 8 Aug 2024 17:44:00 -0700 Subject: [PATCH 03/11] Attenuator mode - system controlled (#1147) * SYSTEM_CONTROLLED attenuator mode. --- .../openconfig-optical-attenuator.yang | 45 ++++++++++++++++++- 1 file changed, 44 insertions(+), 1 deletion(-) diff --git a/release/models/optical-transport/openconfig-optical-attenuator.yang b/release/models/optical-transport/openconfig-optical-attenuator.yang index 94b3d71bf..cffe56a5a 100644 --- a/release/models/optical-transport/openconfig-optical-attenuator.yang +++ b/release/models/optical-transport/openconfig-optical-attenuator.yang @@ -24,7 +24,13 @@ module openconfig-optical-attenuator { for variable optical attenuators, deployed as part of a transport line system."; - oc-ext:openconfig-version "0.1.0"; + oc-ext:openconfig-version "0.2.0"; + + revision "2024-07-10" { + description + "Adding SYSTEM_CONTROLLED mode with accompanying leaves"; + reference "0.2.0"; + } revision "2019-07-19" { description @@ -62,6 +68,12 @@ module openconfig-optical-attenuator { "Constant attenuation mode"; } + identity SYSTEM_CONTROLLED { + base OPTICAL_ATTENUATOR_MODE; + description + "System controls the attenuation value."; + } + // grouping statements @@ -112,6 +124,28 @@ module openconfig-optical-attenuator { maintain constant output power. When false, the attenuator is set max attenuation or blocked."; } + + leaf max-output-power { + type decimal64 { + fraction-digits 2; + } + units dBm; + description + "The max power level allowed on the output of attenuator. This leaf + is optional when in SYSTEM_CONTROLLED mode."; + } + + leaf max-output-power-threshold { + type decimal64 { + fraction-digits 2; + } + units dB; + description + "If the system-derived-target-output-power is equal to or greater than + 'max-output-power + max-output-power-threshold', a device alarm will + be raised within /system/alarms. This leaf is only relevant when + in SYSTEM_CONTROLLED mode."; + } } grouping optical-attenuator-state { @@ -150,6 +184,15 @@ module openconfig-optical-attenuator { port. This leaf is only valid for ports of type EGRESS."; } + leaf system-derived-target-output-power { + type decimal64 { + fraction-digits 2; + } + units dBm; + description + "The target output power as determined by the device. + This leaf is only relevant when in SYSTEM_CONTROLLED mode."; + } container actual-attenuation { description From 6e28490719bd8a3966ce9a78c82c3b7a5a249412 Mon Sep 17 00:00:00 2001 From: Nathan Kitchen Date: Fri, 9 Aug 2024 13:26:30 -0700 Subject: [PATCH 04/11] Correct ROUTER_INFORMATION_LSA to ROUTER_INFORMATION. (#239) * Correct ROUTER_INFORMATION_LSA to ROUTER_INFORMATION. * (M) release/models/ospf/openconfig-ospfv2-lsdb.yang --- .../models/ospf/openconfig-ospfv2-area-interface.yang | 8 +++++++- release/models/ospf/openconfig-ospfv2-area.yang | 8 +++++++- release/models/ospf/openconfig-ospfv2-common.yang | 8 +++++++- release/models/ospf/openconfig-ospfv2-global.yang | 8 +++++++- release/models/ospf/openconfig-ospfv2-lsdb.yang | 10 ++++++++-- release/models/ospf/openconfig-ospfv2.yang | 8 +++++++- 6 files changed, 43 insertions(+), 7 deletions(-) diff --git a/release/models/ospf/openconfig-ospfv2-area-interface.yang b/release/models/ospf/openconfig-ospfv2-area-interface.yang index 3045ad03c..7fa65cee0 100644 --- a/release/models/ospf/openconfig-ospfv2-area-interface.yang +++ b/release/models/ospf/openconfig-ospfv2-area-interface.yang @@ -25,7 +25,13 @@ submodule openconfig-ospfv2-area-interface { "This submodule provides OSPFv2 configuration and operational state parameters that are specific to the area context"; - oc-ext:openconfig-version "0.5.1"; + oc-ext:openconfig-version "0.5.2"; + + revision "2024-06-17" { + description + "Correct ROUTER_INFORMATION_LSA to ROUTER_INFORMATION."; + reference "0.5.2"; + } revision "2023-11-01" { description diff --git a/release/models/ospf/openconfig-ospfv2-area.yang b/release/models/ospf/openconfig-ospfv2-area.yang index e0f0020f8..f65f58979 100644 --- a/release/models/ospf/openconfig-ospfv2-area.yang +++ b/release/models/ospf/openconfig-ospfv2-area.yang @@ -23,7 +23,13 @@ submodule openconfig-ospfv2-area { "This submodule provides OSPFv2 configuration and operational state parameters that are specific to the area context"; - oc-ext:openconfig-version "0.5.1"; + oc-ext:openconfig-version "0.5.2"; + + revision "2024-06-17" { + description + "Correct ROUTER_INFORMATION_LSA to ROUTER_INFORMATION."; + reference "0.5.2"; + } revision "2023-11-01" { description diff --git a/release/models/ospf/openconfig-ospfv2-common.yang b/release/models/ospf/openconfig-ospfv2-common.yang index 8bfd890b4..34f9c3b23 100644 --- a/release/models/ospf/openconfig-ospfv2-common.yang +++ b/release/models/ospf/openconfig-ospfv2-common.yang @@ -17,7 +17,13 @@ submodule openconfig-ospfv2-common { "This submodule provides OSPFv2 configuration and operational state parameters that are shared across multiple contexts"; - oc-ext:openconfig-version "0.5.1"; + oc-ext:openconfig-version "0.5.2"; + + revision "2024-06-17" { + description + "Correct ROUTER_INFORMATION_LSA to ROUTER_INFORMATION."; + reference "0.5.2"; + } revision "2023-11-01" { description diff --git a/release/models/ospf/openconfig-ospfv2-global.yang b/release/models/ospf/openconfig-ospfv2-global.yang index e6c0256ec..96504073c 100644 --- a/release/models/ospf/openconfig-ospfv2-global.yang +++ b/release/models/ospf/openconfig-ospfv2-global.yang @@ -23,7 +23,13 @@ submodule openconfig-ospfv2-global { "This submodule provides OSPFv2 configuration and operational state parameters that are global to a particular OSPF instance"; - oc-ext:openconfig-version "0.5.1"; + oc-ext:openconfig-version "0.5.2"; + + revision "2024-06-17" { + description + "Correct ROUTER_INFORMATION_LSA to ROUTER_INFORMATION."; + reference "0.5.2"; + } revision "2023-11-01" { description diff --git a/release/models/ospf/openconfig-ospfv2-lsdb.yang b/release/models/ospf/openconfig-ospfv2-lsdb.yang index e1eda9fdd..113d31630 100644 --- a/release/models/ospf/openconfig-ospfv2-lsdb.yang +++ b/release/models/ospf/openconfig-ospfv2-lsdb.yang @@ -22,7 +22,13 @@ submodule openconfig-ospfv2-lsdb { "An OpenConfig model for the Open Shortest Path First (OSPF) version 2 link-state database (LSDB)"; - oc-ext:openconfig-version "0.5.1"; + oc-ext:openconfig-version "0.5.2"; + + revision "2024-06-17" { + description + "Correct ROUTER_INFORMATION_LSA to ROUTER_INFORMATION."; + reference "0.5.2"; + } revision "2023-11-01" { description @@ -749,7 +755,7 @@ submodule openconfig-ospfv2-lsdb { } // grace LSA container router-information { - when "../state/type = 'oc-ospf-types:ROUTER_INFORMATION_LSA'" { + when "../state/type = 'oc-ospf-types:ROUTER_INFORMATION'" { description "Include the router-information container when the opaque LSA type is specified to be an RI LSA"; diff --git a/release/models/ospf/openconfig-ospfv2.yang b/release/models/ospf/openconfig-ospfv2.yang index fb5a7e031..f909bdd85 100644 --- a/release/models/ospf/openconfig-ospfv2.yang +++ b/release/models/ospf/openconfig-ospfv2.yang @@ -34,7 +34,13 @@ module openconfig-ospfv2 { "An OpenConfig model for Open Shortest Path First (OSPF) version 2"; - oc-ext:openconfig-version "0.5.1"; + oc-ext:openconfig-version "0.5.2"; + + revision "2024-06-17" { + description + "Correct ROUTER_INFORMATION_LSA to ROUTER_INFORMATION."; + reference "0.5.2"; + } revision "2023-11-01" { description From 147cfe8027cf80d86cab485fc05d735f2b00538c Mon Sep 17 00:00:00 2001 From: Likai Liu Date: Mon, 19 Aug 2024 17:02:18 -0400 Subject: [PATCH 05/11] Correction to loopback-mode-type FACILITY and TERMINAL #1135 (#1155) * Correction to loopback-mode-type FACILITY and TERMINAL #1135 --- .../openconfig-transport-types.yang | 23 ++++++++++++------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/release/models/optical-transport/openconfig-transport-types.yang b/release/models/optical-transport/openconfig-transport-types.yang index b38fb1c2c..7c3c6a481 100644 --- a/release/models/optical-transport/openconfig-transport-types.yang +++ b/release/models/optical-transport/openconfig-transport-types.yang @@ -22,7 +22,14 @@ module openconfig-transport-types { "This module contains general type definitions and identities for optical transport models."; - oc-ext:openconfig-version "0.25.0"; + oc-ext:openconfig-version "1.0.0"; + + revision "2024-07-24" { + description + "Corrected description for FACILITY and TERMINAL loopback-mode-type + enums."; + reference "1.0.0"; + } revision "2024-06-28" { description @@ -221,19 +228,19 @@ module openconfig-transport-types { "No loopback is applied"; } enum FACILITY { - description - "A port internal loopback at ASIC level. The loopback directs - traffic normally transmitted on the port back to the device as - if received on the same port from an external source. Note this - mode is used when internal loopback does NOT specify MAC or PHY."; - } - enum TERMINAL { description "A port external loopback at ASIC level. The loopback which directs traffic received from an external source on the port back out the transmit side of the same port. Note this mode is used when external loopback does NOT specify MAC or PHY"; } + enum TERMINAL { + description + "A port internal loopback at ASIC level. The loopback directs + traffic normally transmitted on the port back to the device as + if received on the same port from an external source. Note this + mode is used when internal loopback does NOT specify MAC or PHY."; + } enum ASIC_PHY_LOCAL { description "A port internal loopback at PHY module. The loopback directs From 5c402a135033b6e07b925e66a73eeab47aa87f0c Mon Sep 17 00:00:00 2001 From: Jake Snyder Date: Wed, 21 Aug 2024 11:27:06 -0600 Subject: [PATCH 06/11] #1159 wifi mac transition modes (#1162) * fixing #1159 adding transition modes * Update version and revision history * fixed trailing whitespace --- release/models/wifi/openconfig-wifi-mac.yang | 41 +++++++++++++++++--- 1 file changed, 35 insertions(+), 6 deletions(-) diff --git a/release/models/wifi/openconfig-wifi-mac.yang b/release/models/wifi/openconfig-wifi-mac.yang index 3bb25cfc4..2280a5a42 100644 --- a/release/models/wifi/openconfig-wifi-mac.yang +++ b/release/models/wifi/openconfig-wifi-mac.yang @@ -26,7 +26,13 @@ module openconfig-wifi-mac { description "Model for managing MAC layer configuration of Radio interfaces."; - oc-ext:openconfig-version "1.3.1"; + oc-ext:openconfig-version "1.3.2"; + + revision "2024-08-07" { + description + "Add transition modes ENHANCED_OPEN_TRANSITION, WPA3_2_SAE_TRANSITION and + WPA3_2_ENTERPRISE_TRANSITION"; + } revision "2023-05-26" { description @@ -253,15 +259,30 @@ module openconfig-wifi-mac { description "Open authentication with Opportunistic Wireless Encryption."; } + enum ENHANCED_OPEN_TRANSITION { + description + "Open authentication with Opportunistic Wireless Encryption and + support for transition mode."; + } enum WPA3_SAE { description "WPA3-SAE using Simultaneous Authentication of Equals (SAE)."; } + enum WPA3_2_SAE_TRANSITION { + description + "WPA3-SAE using Simultaneous Authentication of Equals (SAE) and + WPA2-PSK AKMs."; + } enum WPA3_ENTERPRISE { description "WPA3-Enterprise with 802.1X SHA-256 authentication key management."; } + enum WPA3_2_ENTERPRISE_TRANSITION { + description + "WPA3-Enterprise with 802.1X SHA-256 authentication key + management."; + } enum WPA3_ENTERPRISE_192_BIT { description "WPA3-Enterprise with 802.1X SHA-384 authentication key @@ -284,7 +305,8 @@ module openconfig-wifi-mac { } leaf wpa3-psk { - when "../opmode = 'WPA3_SAE'"; + when "../opmode = 'WPA3_SAE' or + ../opemode = 'WPA3_2_SAE_TRANSITION"; type string { length "8..63"; } @@ -296,8 +318,10 @@ module openconfig-wifi-mac { when "../opmode = 'WPA2_ENTERPRISE' or ../opmode = 'WPA2_PERSONAL' or ../opmode = 'WPA3_ENTERPRISE' or + ../opmode = 'WPA3_2_ENTERPRISE_TRANSITION ../opmode = 'WPA3_ENTERPRISE_192_BIT' or - ../opmode = 'WPA3_SAE'"; + ../opmode = 'WPA3_SAE' or + ../opmode = 'WPA3_2_SAE_TRANSITION'"; type string; description "Specifies the RADIUS server-group to be used, @@ -367,9 +391,14 @@ module openconfig-wifi-mac { } leaf mfp { - when "../opmode = 'WPA3_ENTERPRISE' or ../opmode = - 'WPA3_ENTERPRISE_192_BIT' or ../opmode = - 'WPA3_SAE' or ../opmode = 'ENHANCED_OPEN'"; + when "../opmode = 'WPA3_ENTERPRISE' or + ../opmode = 'WPA3_2_ENTERPRISE_TRANSITION + ../opmode = 'WPA3_ENTERPRISE_192_BIT' or + ../opmode = 'WPA3_SAE' or + ../opmode = 'WPA3_2_SAE_TRANSITION + ../opmode = 'ENHANCED_OPEN' + ../opmode = 'ENHANCED_OPEN_TRANSITION + "; type boolean; mandatory true; description From bdf3c7d725d75355317f75e02d34a49f2bf9c328 Mon Sep 17 00:00:00 2001 From: "Missae W. Sasaya" Date: Thu, 22 Aug 2024 15:40:19 -0300 Subject: [PATCH 07/11] Fix XPath syntax error caught by pyang in openconfig-wifi-mac.yang (#1169) * Fix XPath syntax caught by pyang: ./wifi/openconfig-wifi-mac.yang:309: error: XPath syntax error: syntax error ./wifi/openconfig-wifi-mac.yang:324: error: XPath syntax error: syntax error ./wifi/openconfig-wifi-mac.yang:401: error: XPath syntax error: syntax error * Fix revision statements --- release/models/wifi/openconfig-wifi-mac.yang | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/release/models/wifi/openconfig-wifi-mac.yang b/release/models/wifi/openconfig-wifi-mac.yang index 2280a5a42..b9c85f634 100644 --- a/release/models/wifi/openconfig-wifi-mac.yang +++ b/release/models/wifi/openconfig-wifi-mac.yang @@ -26,12 +26,18 @@ module openconfig-wifi-mac { description "Model for managing MAC layer configuration of Radio interfaces."; - oc-ext:openconfig-version "1.3.2"; + oc-ext:openconfig-version "1.3.3"; + + revision "2024-08-22" { + description "Fix XPath expression to avoid pyang error"; + reference "1.3.3"; + } revision "2024-08-07" { description "Add transition modes ENHANCED_OPEN_TRANSITION, WPA3_2_SAE_TRANSITION and WPA3_2_ENTERPRISE_TRANSITION"; + reference "1.3.2"; } revision "2023-05-26" { @@ -306,7 +312,7 @@ module openconfig-wifi-mac { leaf wpa3-psk { when "../opmode = 'WPA3_SAE' or - ../opemode = 'WPA3_2_SAE_TRANSITION"; + ../opmode = 'WPA3_2_SAE_TRANSITION'"; type string { length "8..63"; } @@ -318,7 +324,7 @@ module openconfig-wifi-mac { when "../opmode = 'WPA2_ENTERPRISE' or ../opmode = 'WPA2_PERSONAL' or ../opmode = 'WPA3_ENTERPRISE' or - ../opmode = 'WPA3_2_ENTERPRISE_TRANSITION + ../opmode = 'WPA3_2_ENTERPRISE_TRANSITION' or ../opmode = 'WPA3_ENTERPRISE_192_BIT' or ../opmode = 'WPA3_SAE' or ../opmode = 'WPA3_2_SAE_TRANSITION'"; @@ -392,12 +398,12 @@ module openconfig-wifi-mac { leaf mfp { when "../opmode = 'WPA3_ENTERPRISE' or - ../opmode = 'WPA3_2_ENTERPRISE_TRANSITION + ../opmode = 'WPA3_2_ENTERPRISE_TRANSITION' or ../opmode = 'WPA3_ENTERPRISE_192_BIT' or ../opmode = 'WPA3_SAE' or - ../opmode = 'WPA3_2_SAE_TRANSITION - ../opmode = 'ENHANCED_OPEN' - ../opmode = 'ENHANCED_OPEN_TRANSITION + ../opmode = 'WPA3_2_SAE_TRANSITION' or + ../opmode = 'ENHANCED_OPEN' or + ../opmode = 'ENHANCED_OPEN_TRANSITION' "; type boolean; mandatory true; From b492f6746dd957fc0e14bdfa408a584af991aeda Mon Sep 17 00:00:00 2001 From: Shashank-arista <153792517+Shashank-arista@users.noreply.github.com> Date: Tue, 27 Aug 2024 02:42:42 +0530 Subject: [PATCH 08/11] Augment mpls static model to support ECMP of next hops (#1138) Co-authored-by: Darren Loher --- release/models/mpls/openconfig-mpls-igp.yang | 11 +- .../models/mpls/openconfig-mpls-static.yang | 123 ++++++++++++++++-- release/models/mpls/openconfig-mpls-te.yang | 11 +- release/models/mpls/openconfig-mpls.yang | 11 +- 4 files changed, 144 insertions(+), 12 deletions(-) diff --git a/release/models/mpls/openconfig-mpls-igp.yang b/release/models/mpls/openconfig-mpls-igp.yang index 6bbbf1cd8..c88eb0807 100644 --- a/release/models/mpls/openconfig-mpls-igp.yang +++ b/release/models/mpls/openconfig-mpls-igp.yang @@ -21,7 +21,16 @@ submodule openconfig-mpls-igp { "Configuration generic configuration parameters for IGP-congruent LSPs"; - oc-ext:openconfig-version "3.5.0"; + oc-ext:openconfig-version "3.6.0"; + + revision "2024-06-19" { + description + "Added support with backward compatibility to configure ECMP + of next-hops for the same LSP name. Also marked attributes + push-label, next-hop and interface as deprecated under egress, + transit and ingress config"; + reference "3.6.0"; + } revision "2023-12-14" { description diff --git a/release/models/mpls/openconfig-mpls-static.yang b/release/models/mpls/openconfig-mpls-static.yang index d114fe16c..a8e7c2faf 100644 --- a/release/models/mpls/openconfig-mpls-static.yang +++ b/release/models/mpls/openconfig-mpls-static.yang @@ -24,7 +24,16 @@ submodule openconfig-mpls-static { "Defines static LSP configuration"; - oc-ext:openconfig-version "3.5.0"; + oc-ext:openconfig-version "3.6.0"; + + revision "2024-06-19" { + description + "Added support with backward compatibility to configure ECMP + of next-hops for the same LSP name. Also marked attributes + push-label, next-hop and interface as deprecated under egress, + transit and ingress config"; + reference "3.6.0"; + } revision "2023-12-14" { description @@ -156,36 +165,126 @@ submodule openconfig-mpls-static { // grouping statements - grouping static-lsp-common-config { + grouping static-lsp-nexthop-index { description - "common definitions for static LSPs"; + "Next hop index definition for static LSPs"; - leaf next-hop { + leaf index { + type uint32; + description + "An user-specified identifier utilised to uniquely reference + the next-hop entry in the next-hop list. The value of this + index has no semantic meaning other than for referencing + the entry."; + } + } + + grouping static-lsp-nexthop-common-config { + description + "Common definition of next hop configuration for static LSPs"; + + leaf ip-address { type inet:ip-address; description - "next hop IP address for the LSP"; + "Next hop IP address for the LSP"; + } + + leaf push-label { + type oc-mplst:mpls-label; + description + "Label value to push at the current hop for the + LSP"; } + // interface-ref + uses oc-if:interface-ref-common; + } + + grouping static-lsp-common-config { + description + "Common definitions for static LSPs"; + leaf incoming-label { type oc-mplst:mpls-label; description - "label value on the incoming packet"; + "Label value on the incoming packet"; + } + + leaf next-hop { + type inet:ip-address; + status deprecated; + description + "Next hop IP address for the LSP"; } leaf push-label { type oc-mplst:mpls-label; + status deprecated; description - "label value to push at the current hop for the + "Label value to push at the current hop for the LSP"; } // interface-ref - uses oc-if:interface-ref-common; + uses oc-if:interface-ref-common { + status deprecated; + } leaf metric { type uint8; description - "Specifies metric value used for the MPLS route"; + "Specifies metric value used for the MPLS route."; + } + } + + grouping static-lsp-nexthops-common { + description + "MPLS Static LSP next-hops configuration"; + + container lsp-next-hops { + description + "Configuration and state parameters relating to the + next-hops that are to be utilised for the MPLS static + route being specified"; + + list lsp-next-hop { + key "index"; + + description + "A list of next-hops to be utilised for the MPLS + static route being specified."; + + leaf index { + type leafref { + path "../config/index"; + } + description + "A reference to the index of the current next-hop. + The index is intended to be a user-specified value + which can be used to reference the next-hop in + question, without any other semantics being + assigned to it."; + } + + container config { + description + "Configuration parameters relating to the next-hop + entry"; + + uses static-lsp-nexthop-index; + uses static-lsp-nexthop-common-config; + } + + container state { + config false; + description + "Operational state parameters relating to the + next-hop entry"; + + uses static-lsp-nexthop-index; + uses static-lsp-nexthop-common-config; + } + } } } @@ -227,6 +326,8 @@ submodule openconfig-mpls-static { uses static-lsp-ingress-config; uses static-lsp-ingress-state; } + + uses static-lsp-nexthops-common; } } @@ -268,6 +369,8 @@ submodule openconfig-mpls-static { uses static-lsp-transit-config; uses static-lsp-transit-state; } + + uses static-lsp-nexthops-common; } } @@ -309,6 +412,8 @@ submodule openconfig-mpls-static { uses static-lsp-egress-config; uses static-lsp-egress-state; } + + uses static-lsp-nexthops-common; } } diff --git a/release/models/mpls/openconfig-mpls-te.yang b/release/models/mpls/openconfig-mpls-te.yang index 4b12dc66e..647325357 100644 --- a/release/models/mpls/openconfig-mpls-te.yang +++ b/release/models/mpls/openconfig-mpls-te.yang @@ -30,7 +30,16 @@ submodule openconfig-mpls-te { signaling protocol or mechanism (see related submodules for signaling protocol-specific configuration)."; - oc-ext:openconfig-version "3.5.0"; + oc-ext:openconfig-version "3.6.0"; + + revision "2024-06-19" { + description + "Added support with backward compatibility to configure ECMP + of next-hops for the same LSP name. Also marked attributes + push-label, next-hop and interface as deprecated under egress, + transit and ingress config"; + reference "3.6.0"; + } revision "2023-12-14" { description diff --git a/release/models/mpls/openconfig-mpls.yang b/release/models/mpls/openconfig-mpls.yang index f78e1a0ec..693d67e4c 100644 --- a/release/models/mpls/openconfig-mpls.yang +++ b/release/models/mpls/openconfig-mpls.yang @@ -70,7 +70,16 @@ module openconfig-mpls { +------+ |ROUTING| +-----+ +-------+ "; - oc-ext:openconfig-version "3.5.0"; + oc-ext:openconfig-version "3.6.0"; + + revision "2024-06-19" { + description + "Added support with backward compatibility to configure ECMP + of next-hops for the same LSP name. Also marked attributes + push-label, next-hop and interface as deprecated under egress, + transit and ingress config"; + reference "3.6.0"; + } revision "2023-12-14" { description From abba9293800de056022d333d9c79dd43c5be9c56 Mon Sep 17 00:00:00 2001 From: tengyiG <108433002+tengyiG@users.noreply.github.com> Date: Tue, 27 Aug 2024 14:32:47 -0700 Subject: [PATCH 09/11] Update openconfig-keychain-types.yang (#1173) --- .../keychain/openconfig-keychain-types.yang | 26 ++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/release/models/keychain/openconfig-keychain-types.yang b/release/models/keychain/openconfig-keychain-types.yang index d84b1f54c..c923f9ea1 100644 --- a/release/models/keychain/openconfig-keychain-types.yang +++ b/release/models/keychain/openconfig-keychain-types.yang @@ -21,7 +21,13 @@ module openconfig-keychain-types { "This module contains general data definitions for use in keychain-based authentication."; - oc-ext:openconfig-version "0.2.0"; + oc-ext:openconfig-version "0.3.0"; + + revision "2024-08-27" { + description + "Added AES_128_CMAC and AES_256_CMAC"; + reference "0.3.0"; + } revision "2022-03-01" { description @@ -137,4 +143,22 @@ module openconfig-keychain-types { reference "RFC 4494 - The AES-CMAC-96 Algorithm and Its Use with IPsec"; } + + identity AES_128_CMAC { + base CRYPTO_TYPE; + description + "AES-128-CMAC keyed hash function based on a AES-128 block + cipher."; + reference + "RFC 4493 - The AES-CMAC Algorithm and Its Use with IPsec"; + } + + identity AES_256_CMAC { + base CRYPTO_TYPE; + description + "AES-256-CMAC keyed hash function based on a AES-256 block + cipher."; + reference + "RFC 4493 - The AES-CMAC Algorithm and Its Use with IPsec"; + } } From b9845f14fa4c2f6f6c4975dcf9f264f94bc910ae Mon Sep 17 00:00:00 2001 From: Aaron Bamberger Date: Wed, 28 Aug 2024 18:34:04 -0500 Subject: [PATCH 10/11] Updates to network-instance EVPN models for VLAN-aware-bundle support (#1124) * Add a new conditional leaf-lest, "vni-list", to the EVI Vxlan model, to allow the configuration of VLAN-aware-bundle MACVRFs * Make the existing "vni" leaf conditional on the MACVRF being a VLAN-based MACVRF. Since this is the only type of MACVRF currently supported by the model, this is a backwards compatible change Co-authored-by: Darren Loher --- .../network-instance/openconfig-evpn.yang | 24 ++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/release/models/network-instance/openconfig-evpn.yang b/release/models/network-instance/openconfig-evpn.yang index b9870e461..ab110a894 100644 --- a/release/models/network-instance/openconfig-evpn.yang +++ b/release/models/network-instance/openconfig-evpn.yang @@ -40,7 +40,14 @@ module openconfig-evpn { domains, this is not currently supported and requires an extension of the model."; - oc-ext:openconfig-version "0.9.0"; + oc-ext:openconfig-version "0.10.0"; + + revision "2024-06-07" { + description + "Add new vni-list leaf list to EVI config to support VLAN-aware-bundle + MACVRFs. Make existing vni leaf conditional on MACVRF type being VLAN-based"; + reference "0.10.0"; + } revision "2024-05-14" { description @@ -676,12 +683,27 @@ module openconfig-evpn { Using Ethernet VPN"; leaf vni { + when "../../../config/service-type = 'oc-evpn-types:VLAN_BASED' or + ../../../config/service-type = 'oc-evpn-types:VLAN_BUNDLE'" { + description + "For VLAN-based and VLAN-bundle EVIs, use a single VNI"; + } type oc-evpn-types:vni-id; description "Virtual Network Identifier (VNI) associated to the EVI. This VNI is used for ingress and egress in the VXLAN domain."; } + leaf-list vni-list { + when "../../../config/service-type = 'oc-evpn-types:VLAN_AWARE'" { + description + "For VLAN-aware-bundle EVIs, use a list of VNIs"; + } + type oc-evpn-types:vni-id; + description + "List of VNIs participating in a VLAN-aware-bundle EVI"; + } + leaf overlay-endpoint-network-instance { type leafref { path "/network-instances/network-instance/name"; From 6b19efbb170259b6fda5e1faa43188cb8a98337c Mon Sep 17 00:00:00 2001 From: Aaron Bamberger Date: Wed, 28 Aug 2024 20:48:44 -0500 Subject: [PATCH 11/11] Updates to network instance models for VLAN-VNI and VRF-VNI mappings (#1125) * Introduce new container "local-endpoint-vnis" in Vxlan endpoint model to allow the local configuration of VLAN-to-VNI and VRF-to-VNI mappings --- .../network-instance/openconfig-evpn.yang | 117 ++++++++++++------ 1 file changed, 81 insertions(+), 36 deletions(-) diff --git a/release/models/network-instance/openconfig-evpn.yang b/release/models/network-instance/openconfig-evpn.yang index ab110a894..a3fd800e3 100644 --- a/release/models/network-instance/openconfig-evpn.yang +++ b/release/models/network-instance/openconfig-evpn.yang @@ -40,7 +40,14 @@ module openconfig-evpn { domains, this is not currently supported and requires an extension of the model."; - oc-ext:openconfig-version "0.10.0"; + oc-ext:openconfig-version "0.11.0"; + + revision "2024-08-14" { + description + "Add new local-endpoint-vnis config container to Vxlan connection point to allow + configuration of local VNI-to-VLAN and VNI-to-VRF maps"; + reference "0.11.0"; + } revision "2024-06-07" { description @@ -1046,6 +1053,7 @@ module openconfig-evpn { config false; description "Container for state parameters related to this L2VNI or L3VNI"; + uses evpn-endpoint-vni-config; uses evpn-endpoint-vni-state; } @@ -1053,6 +1061,39 @@ module openconfig-evpn { uses ipv6-top; } } + + container local-endpoint-vnis { + description + "Top level container for local configuration related to Layer 2 virtual + network identifiers (L2VNIs) and Layer 3 virtual network identifiers + (L3VNIs) in the default network instance"; + + list local-endpoint-vni { + key "vni"; + description "List of L2VNIs and L3VNIs configured on the local VTEP"; + + leaf vni { + type leafref { + path '../config/vni'; + } + description "L2VNI or L3VNI Identifier"; + } + + container config { + description + "Container for configuration parameters related to this local L2VNI or + L3VNI"; + uses evpn-endpoint-vni-config; + } + + container state { + config false; + description + "Container for state parameters related to this local L2VNI or L3VNI"; + uses evpn-endpoint-vni-config; + } + } + } } grouping evpn-endpoint-peer-state { @@ -1197,16 +1238,52 @@ module openconfig-evpn { } } - grouping evpn-endpoint-vni-state { + grouping evpn-endpoint-vni-config { description - "Grouping for L2VNI and L3VNI state information learned on the - local VXLAN Tunnel End Point from remote VTEPs"; + "Grouping for L2VNI and L3VNI configuration parameters"; leaf vni { type oc-evpn-types:evi-id; description "L2VNI or L3VNI Identifier"; } + leaf vni-type { + type enumeration { + enum L2 { + description + "This is a Layer 2 service virtual network identifier (L2VNI) + that is used for communication within the same subnet or + broadcast domain"; + } + enum L3 { + description + "This is a Layer 3 service virtual network identifier (L3VNI) + or VRF VNI that is used for communication between subnets"; + } + } + description "The type of virtual network identfier"; + } + + leaf bridge-domain { + type uint32; + description + "This reflects the configured VLAN or Bridge Domain that maps to this + L2VNI in the VXLAN fabric"; + } + + leaf l3-vrf-name { + type string; + description + "This refects the configured VRF instance that maps to this L3VNI + that is used for routing between subnets in the VXLAN fabric"; + } + } + + grouping evpn-endpoint-vni-state { + description + "Grouping for L2VNI and L3VNI state information learned on the + local VXLAN Tunnel End Point from remote VTEPs"; + leaf multidestination-traffic { type union { type oc-inet:ip-address; @@ -1240,23 +1317,6 @@ module openconfig-evpn { control-plane or data-plane"; } - leaf vni-type { - type enumeration { - enum L2 { - description - "This is a Layer 2 service virtual network identifier (L2VNI) - that is used for communication within the same subnet or - broadcast domain"; - } - enum L3 { - description - "This is a Layer 3 service virtual network identifier (L3VNI) - or VRF VNI that is used for communication between subnets"; - } - } - description "The type of virtual network identfier"; - } - leaf vni-state { type enumeration { enum UP { @@ -1290,20 +1350,5 @@ module openconfig-evpn { "Operational status of the SVI mapped to the L3VNI that is used for routing between subnets in the VXLAN fabric"; } - - leaf bridge-domain { - type uint32; - description - "This reflects the configured VLAN or Bridge Domain that maps to this - L2VNI in the VXLAN fabric"; - } - - leaf l3-vrf-name { - type string; - description - "This refects the configured VRF instance that maps to this L3VNI - that is used for routing between subnets in the VXLAN fabric"; - } - } }